Cryptography Control Owner

Cryptography Control Owner

Miejsce pracy: Kraków

Technologies we use

Operating system

• Windows

About the project

Technology teams in the UK work closely with our global businesses to help design and build digital services that allow our millions of customers around the world, to bank quickly, simply and securely. They also run and manage our IT infrastructure, data centres and core banking systems that power the world’s leading international bank. Our multi-disciplined teams include: DevOps engineers, IT architects, front and back-end developers, infrastructure specialists, cyber experts, as well as project and programme managers.

Cybersecurity is responsible for fielding solutions that help defend HSBC against a wide range of threats to the business as well as its customers, clients, partners, and staff. The team works in concert, with partner teams across HSBC, to implement novel defensive capabilities that are effective and adaptable against a constantly evolving threat landscape. The function operates under the vision: “Enabling HSBC to be safely successful everywhere the Firm chooses to do business."

Global Defense - Cybersecurity Engineering and Operations is comprised of several inter-joined teams: Technical Directors Office (TDO), Site Reliability Engineering (SRE), Global Defense Governance & Delivery (GDD), Global Cybersecurity Operations (GCO) and Cybersecurity Intelligence & Threat Analysis (CITA). Together, the function enables an adaptive and constantly evolving capacity to address risks borne through an ever-shifting threat landscape. The function serves as an engine for innovation and problem solving with partner teams across the Firm who share a common imperative to be the best for our customers and drive the Global HSBC Purpose of “Opening up a world of opportunity."

Your responsibilities

• Provide the first line of defense (1LOD) for the organization for all matters relating to Cryptography controls. Drive implementation of controls to protect the group’s key data.
• Risk Management: Maintaining the accuracy and alignment of the CRYP control to the bank’s Risk Control framework.
• Controls Governance: Control Design and Continuous Control Monitoring - MPs/OIs enhancements, Control effectiveness rationale. Managing, reporting, and improving performance metrics (KCIs).
• Compliance: Ensure Cryptography controls align with relevant regulations, standards, and industry best practices, and support compliance efforts. Maintain internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators.
• Stakeholder Management: 2LoD/3LoD engagement - Responding to informal control queries and formal review and challenges and observations. Collaborate with senior stakeholders to facilitate understanding and alignment of CRYP control objectives, including business units, audit and regulators. Providing specialist knowledge and timely feedback, working in partnership with those stakeholders.
• Cross Controls Collaboration: Foster a community of collaboration/knowledge sharing across all Control Owners in Global Defense - understanding the implication a change in one control area has on other control areas. Building and maintaining constructive working relationships with a diverse community of technical and non-technical audiences.
• Training and Awareness: Develop and deliver training and awareness programs to educate stakeholders and communities within Cyber about the Cryptography control strategy.

Our requirements

• Technical Background: We are looking for someone who brings a deep understanding of technology (preferably in the Cryptography area) or who is willing to build up knowledge quick.
• Communication skills: Communication is key in that role. The CRYP Control Owner must be able to communicate complex technical information to non-technical stakeholders and explain Cryptography control policies and procedures in a clear and concise manner. The control owner must be able to communicate with stakeholders on senior level, addressing challenges and feedback.
• Collaboration skills: The CRYP Control Owner must be able to work effectively with cross-functional teams, including Cybersecurity and business units to ensure that Cryptography control strategies align with organizational goals and requirements. It is key that the Control Owner stays on top of developments in other controls areas.
• Stakeholder management skills: The CRYP Control Owner must be able to manage relationships with stakeholders, including business units and audit/regulatory bodies, to ensure that Cryptography control strategies are well received and adopted.
• Problem-solving skills: The CRYP Control Owner must be able to identify and remediate challenges in (governance) processes and must be able to get technical consultancy from the Cryptography Capability Lead to respond to issues.

What we offer

• Competitive salary
• Annual performance-based bonus
• Additional bonuses for recognition awards
• Multisport card
• Private medical care
• Life insurance
• One-time reimbursement of home office set-up (up to 800 PLN).
• Corporate parties & events
• CSR initiatives
• Nursery discounts
• Financial support with trainings and education
• Social fund
• Flexible working hours
• Free parking

Benefits

• sharing the costs of sports activities
• private medical care
• sharing the costs of professional training & courses
• life insurance
• remote work opportunities
• flexible working time
• integration events
• corporate sports team
• retirement pension plan
• corporate library
• no dress code
• coffee / tea
• parking space for employees
• leisure zone
• extra social benefits
• employee referral program
• opportunity to obtain permits and licenses
• charity initiatives
• family picnics
• extra leave
• In-office gym

Recruitment stages

• Online assessment
• Phone interview
• Job interview
• Welcome to HSBC!

HSBC Service Delivery (Polska) Sp. z o.o.

HSBC is one of the world’s largest banking and financial services organisations. Our global businesses serve more than 40 million customers worldwide through a network that covers 63 countries and territories.

HSBC Service Delivery (Polska) Sp. z o.o. is HSBC's global finance, operations, risk and technology centre. We use our unique expertise and capabilities to provide specialised services – our people range from technologists transforming the banking experience to operations professionals managing 1.7 trillion payments a year.

Our Purpose – Opening up a world of opportunity – explains why we exist. We are bringing together the people, ideas and capital that nurture progress and growth, helping to create a better world – for our customers, our people, our investors, our communities and the planet we all share.

Thank you for interest in HSBC. . Before you apply, please note that we will take into the consideration only applications that include the following statement: . “I hereby declare that I have familiarised myself with the Privacy Statement for Applicants published at and I give my consent to use my personal data included in my application for the purposes of recruitment in HSBC Service Delivery (Polska) Sp. z o. o. according to the rules described in the Privacy Statement for Applicants, as per the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR).” . Due to the high number of applications, we reserve the right to contact selected candidates only. . In case you would like to resign from participation in the recruitment process or withdraw previously sent application, please email us at: Wyświetl e-mail na pracuj.pl.